1. Field of the Invention
The present invention relates to a field of computer secure technique, and more particularly, to a method for restoring a computer operation system.
2. Description of the Related Arts
Presently, with the spreading of the computers and the perfecting of the Internet, web surfing becomes a necessary part for lives of computer users. However, the amount of computer viruses is becoming larger and larger, and more severe the disaster is. Meanwhile, hackers imperil the security and normal usage of the data for the computer users. How to protect the operation system (OS) has already become a critical problem for the computer users. Generally, besides the operation system is unable to be normally started up due to the destroy of important files of OS caused by users' malfunctions, most cases are in that the operation system can not be normally started up due to the unexpected destroy or missing of the important files of OS or due to the viruses' destroy to the boot records. The solutions thereof are usually as follows:    1) The OS is backed up and restored with backup/restoration techniques. Generally, there are two backup manners, one is to backup with an external storage device such as magnetic disk devices, CDRs, MO, ZIP drivers and floppies, and the other is to backup with a backup hard disk, with this method, in addition to a hard disk for storing the operation system and user data, a backup hard disk for backing up is additionally provided in the computer. When backing up, the computer is booted into a DOS environment to perform backup operation, and when it is finished, the computer is rebooted so as to be switched from the DOS environment to the Windows environment.
The defects of the application of the backing up/restoring techniques lie in that: no matter which manner is used to perform backup operation, user's manual participation is needed and it requires the user having certain abilities for operating computers. If the user does not backup or not backup in time, a lot of data will be lost. And this method requires to backup/restore all the data in the partitions where the operation system is installed, and thus occupies a big space and needs a long backup/restore time period.    2) The OS is backed up and restored with the establishment of different partitions in one and the same hard disk. At present, some hard disk partition software can be used to partition the hard disk, and then save the backed up data in this newly created partition. If the data in other partitions are destroyed, the data in this backup partition can be used to restore those data.
The defect of the establishment of different partitions in one and the same hard disk lies in that this method requires user's manual backup of data. Also, if the user does not backup or not backup in time, a lot of data will be lost. And since the newly created partition is located in one and the same hard disk as other data, it might be also destroyed because the influence of computer viruses or other malfunctions can not be completely avoided. And, these backed up files can be easily accessed or deleted, and therefore this method has a poor security and reliability.    3) The OS is restored with a recovery CD. The computer manufacture directly provides a recovery CD with optical disks or floppies as its carrier while the computer leaves factory, and the recovery CD stores the operation system and application software data when the computer leaves factory. When the user's computer system is broken down, the user can directly use this recovery CD to restore the computer into a state when it leaves factory.
The defect of using a recovery CD lies in that this method is equivalent to manually reinstalling of the OS, and is time-consumed, labor-intense and complex, and nearly all the application programs need to be reinstalled. Additionally, the recovery CD is provided in a form of an attachment, and the user must safely keep it. Once it is lost, the restoration can not be performed any more, and thus it is inconvenience to the user.    4) The OS is restored with the OS self-checking and restoring techniques. The operation system such as Windows has a tool to restore the system into a previous state, and when some failures occurs on the user's computer, the user can reboot the computer, enter the safe mode, and then perform the OS restoration.
The defect of using the OS self-checking and restoring techniques lies in that when the system is destroyed, the user is required to manually reboot the computer, and must enter the safe mode to possibly perform the OS restoration, and otherwise the restoration can not work at all. Moreover, the backed up data are saved in a normal partition and are easily destroyed.    5) The OS is restored with computer security software such as firewall and antivirus software. This method is to manually configure the antivirus software or firewall software into a real-time monitoring state by the user to prevent the intrusions of computer viruses, and to perform virus-killing operations for the OS system with the firewall and antivirus software in order to restore the OS.
The defect of using the firewall and antivirus software lies in that it is not proved heretofore by any theory model that one or several antivirus software can clear all the unknown viruses or hacking programs, and although the antivirus software can clear most viruses, it requires user's manual configurations to perform virus-killing operations, and more, it requires the user to update virus codes on time and thus has some time lags. The execution of the real-time monitoring programs of antivirus and firewall software will occupy some system resources and reduce the performance of the computer. Sometimes, some antivirus and firewall software will conflict with other software and result in the break down of system. And this method can not avoid the loss caused by user's malfunctions or file missing caused by system break down.
In summary, although a number of restoration methods have been proposed heretofore, the common defects thereof lie in that they can only functions with the user's manual operations, and these methods can only protect the security of the OS itself, and when the boot information or partition table of the hard disk is destroyed, the above methods will be ineffective. At the same time, the backed up data is not very secure.